2 matches found
CVE-2025-67981 WordPress Besa theme <= 2.3.15 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Besa besa allows PHP Local File Inclusion.This issue affects Besa: from n/a through = 2.3.15...
CVE-2025-67981
CVE-2025-67981 is a locally exploitable vulnerability in the WordPress theme Besa (thembay) <= 2.3.15, described as an unauthenticated Local File Inclusion (LFI) due to improper control of the filename used in PHP include/require. Public sources (NVD/Red Hat/CVE list) confirm the affected prod...